Testing the next release of MIT App Inventor (nb187)

There is a bug in the ctrl+c and ctrl+v in a table arrangement. The problem is that if you do a ctrl+v in the designer table arrangement, the cell can not be selected and therefore disorganized the designer layout.

Last sentence ...

2 Likes

The copy and paste bug with the TableArrangement is a known issue in the older version as well. There was some work on a fix, but I don't know that it will make it into this version. Since we can do website updates as smaller release we may punt on getting it merged for this release. The AAB and SDK 30 support are a higher priority for us right now.

2 Likes

I believe that any corrections should be smaller and more often implemented. This would allow for better testing of patches by users while building projects. Not everyone wants to test on test servers, and not everything can be noticed when testing small projects. It would also prevent waiting a year for minor corrections ;). Especially since some of the fixes have been ready for a long time.

4 Likes

The guidance from Google (and Apple as well, for that matter), is that you shouldn't request more permissions than you need, and only request them as soon as you need them, and ideally your app should shut off behavior or fail gracefully when permission is denied.

In the case of the Cache and Private scopes, no permission is needed since they are in the private data directory, which is always readable/writeable by the app. In the case of the App scope, READ permission is not needed starting with SDK 19, but still need on SDK 18 and earlier (which is why you get the maxSdk assertion in the manifest).

Legacy scope attempts to provide the existing semantics for App Inventor where possible and therefore cannot assert a maxSdk (I guess it could for SDK 29+) since the app might read/write anywhere. So if you want to read/write arbitrary locations one MUST set DefaultFileScope to Legacy. In the manifest, you'll get the READ/WRITE permissions, and the manifest will not include the SDK constraint (again, subject to change w.r.t. SDK 29+).

By default, apps will use the App scope to be in compliance with the restrictions in newer versions of Android going forward. Existing apps that need the old behavior will need to switch to Legacy. I would encourage everyone to try and build new apps to comply with the more recent restrictions in Android as I expect Google won't ever role back these changes.

I was trying to copy a text file from the assets to the shared directory /Downloads
wooHoo
blocks
I set DefaultScope to Shared in the Designer (does it have any influence here?)
shared
the companion app crashed (I used the latest version 2.60t6u), here is the logcat output
companion
same happens in the apk file...

so the question is: how to correctly copy a file to a shared directory?

Taifun
copyToShared.aia (2.1 KB)

2 Likes

Thanks @Taifun. I'm trying to track down the source of this error. We'll need to update the test server with another fix.

2 Likes

Yes that's right. But why shouldn't it still be possible to access (read / list) files* from the external storage (outside the ASD)?
→ (* btw, on Android 10+ you can only access media files)

However, this is only possible if DefaultFileScope = Legacy.

Same answer / question as before.

What does this exactly mean?
(Of course READ can be requested on any Android version.)

Apparently, it is implicitly assumed that if DefaultFileScope is NOT set to Legacy, only files in the ASD (or, if applicable, the shared storage) should be accessed. So again: Why shouldn't it also be possible to access the external storage on devices with Android 4.4 and up? (e.g. with DefaultFileScope = App) The big disadvantage would then be that from Android 4.4 (API 19) onwards, READ / WRITE permissions can no longer be requested. However, this should be possible.

It is not clear to me where the advantage / sense should be to set maxSdkVersion = 18. Because READ permission can be requested on all Android versions (independent of and therefore also with targetSdkVersion = 30). Of course WRITE permission does no longer exist on Android 29+ and is therefore ignored on Android 29+ devices.

The only disadvantage (not setting maxSdk=18) would be that on devices between Android 4.4 (API 19) and Android 5.x (API 22) READ / WRITE is requested at install-time (which hardly anyone will notice and which was also the case before).

In my opinion, the permissions for all DefaultFileScopes should be declared like this (btw, also with Companion):

<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" 
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" android:maxSdkVersion="28" />

Conclusion:
This could also omit the DefaultFileScope property in the designer, which would reduce confusion - especially for inexperienced users.

1 Like

No, see the design document .

DefaultScope (Designer Only)

Specifies the default scope for file operations by different components. For the File component, the File's DefaultScope property overrides this property. For all other components, their paths are resolved based on the value of this property. The default value of this property will be App.

You still want to be able to decide, if for example the camera component stores its taken images in the ASD or a shared directory...

Taifun

Yes, I already understood that (from the idea). But unfortunately that doesn't work for most scopes (only for Legacy). So I thought you should use the same way as before (namely Legacy) for all components (except the File component) that can write and / or read.

Apart from that, if DefaultFileScope was NOT set to Legacy in the Designer, READ permission can no longer be requested from API 19+. So you can no longer access e.g. any image or audio file from the external storage. This should / must be possible in principle (on all Android versions).

However, if it were possible (and it should actually be possible) to store / read media files in shared storage, then there should actually be a way to select this option. But even in this case there should still be the possibility to access / read all (media) files - also from the external storage, outside the ASD - (note: from Android 10+ devices can only access media files).

I did a lot of tests with different scopes (Android 11, APK). Try e.g. these blocks after varying the DefaultFileScope in the designer. Build the APKs and check ...

Maybe add some menu to the designer, in which the user would decide what permissions to add to the manifest? Also for Internet permissions etc. I noticed that some people don't want these permissions and as Google suggests, they only want to use the permissions they need.

1 Like

When we talk about permissions, we basically mean dangerous permissions. Not dangerous permissions (like Internet etc.) are always declared and granted. As of API 23 (Android 6), the user does not notice that Internet permission etc. has been granted. These "not dangerous" permissions are only displayed on devices with an API < 23, since all permissions there are granted at install-time.

At DefaultFileScope, we're only talking about READ / WRITE permissions. And as I said several times, it should be possible to request READ permission on all Android versions (i.e. on Android 10+). WRITE permission only up to Android 9.

A positive note:
I was able to copy an audio file from the assets into the privateDir (with the File component) and play it from there with the Player component (of course without READ / WRITE permissions). Therefore it should also be possible to first download (audio) files to the ASD, then move them to the privateDir (copy / delete) and play them from there.

This could circumvent the problem of the AIA limitation to 30 MB and thus save sensitive files in the internal storage, which users would only have access to with a rooted device.

Note: I haven't found a way to decompile an AAB yet. This would be very helpful for adding (large, many) assets later ... as has been possible with the APK so far (see here).

Unless I have missed the discussion somewhere, webviewer cannot read / access files in media/storage on Android 11 device - specifically the /Download folder. Webviewer returns net::ERR_ACCESS_DENIED. Tested with companion and compiled from the test server.

Does one need to set a scope ?

On Android 11 you can only access / read media files.

See also here:

if I understand it correctly, then theoretically it would be possible to use the Storage Access Framework to access documents and other files... see also here

https://community.appinventor.mit.edu/t/file-component-is-showing-its-age/24751/5?u=taifun

Taifun

I do not see an issue using mp3 files which are stored in a subfolder of /Music. These are read only and work fine in my AI2 mp3 player app. I also understood that "other" files could be stored in Documents or Downloads and that these too would be read only for apps...

just to clarify what @Anke was trying to say... so according to the link, @Anke provided here Testing the next release of MIT App Inventor (nb187) - #149 by Anke which links to Android 11 Scoped Storage - Saving Files To Shared Storage | Android Explained we can find the following Q&A:

Q: I can put non-media files into other folders, such as Downloads, without any permission. Is this a bug?

A: No. Apps may contribute files to these collections, and the use of both Downloads and Documents collections for non-media files is a best practice. However, keep in mind that only the app that created the files can access them by default.

which means, the webviewer can or should be able to read/access files in the /Downloads folder, but only if the app created those files... but it should be /Downloads and not /Download ... maybe you can test that again @TIMAI2...

Taifun

1 Like

This where it gets interesting...I only have a physical Download folder. This does, however, show up in the "media" folder Downloads when I use the "Files" app. I can see the files I placed...